The global cost of ransomware and cyber-attacks on both supply chains and critical infrastructure are predicted to reach Euros 7.3 trillion (USD 8 trillion) annually in 2023.

That figure is expected  to see a 15% increase in cyber crime costs to Euros 9.7 trillion (USD 10.5 trillion) by 2025.

Natural catastrophe-related claims reached more than Euros 92 billion (USD 100 billion) for the second year running in 2022, with flooding and hail in Europe, Australian floods and severe storms in the United States also contributing to the figure.

Unlike a cyber-attack, a natural catastrophe does not intend to cause maximum damage and the rapidly rising cyber losses in recent years have prompted emergency measures by insurance underwriters to limit their exposure.

The International Monetary Fund has previously warned that “the cyber threat landscape is highly dynamic and rapidly changing” and that the nature of cyber-attacks “continues to evolve” having started as predominantly destructive malware attacks.

In September, Lloyd’s of London defended a move to limit systemic risk from cyber-attacks by requesting  insurance policies written in the market have an exemption for state-backed attacks.

While some major players are reviewing their place in the market there are other insurers who are creating new capacity in to the market. That is why it is vital that  businesses need to employ the services of a specialist insurance broker to procure comprehensive and competitive terms.

It is important to recognise that businesses which already have good levels of cyber security can find insurers willing to underwrite them. However, that is not the case for those businesses without any existing cyber security risk management.

There are exemptions written into policies for certain types of cyber-attacks and in 2019, Zurich initially denied a  Euros 92 million (USD 100m ) claim from food company Mondelez, arising from the NotPetya attack, on the basis that the policy excluded a “warlike action”. The two sides later settled.

There have been calls for national Governments to set up private-public schemes to handle systemic cyber risks that can’t be quantified, similar to those that exist in some jurisdictions for earthquakes or terror attacks.

A report from the US Government Accountability Office in June highlighted the potential of cyber incidents to “spill over” to other linked firms. It said examples such as the Colonial Pipeline hack, which created temporary gasoline shortages in the south-east US, demonstrated “the possibility that a single cyber incident could ripple across critical infrastructure with catastrophic consequences”.

Businesses wanting to avoid the risks to their balance sheet and reputation, should contact a specialist Cyber Insurance Broker to procure a Specialist Broad Form Cyber Insurance Policy. We highly encourage these to avoid ambiguity over coverage and secure protection and relevant cover, as well as pre event cyber risk management together with claims management support.

Solutions are available for multi-billion turnover businesses, down to small start-ups. For further information visit www.wdenis.eu or to discuss this further with a broker please contact Vida Jarašiūnaitė Vida.Jarasiunaite@wdenis.eu or Mark Dutton mark.dutton@wdenis.com